| 1 | /* $NetBSD: smtp.c,v 1.10 2017/02/14 01:16:48 christos Exp $ */ |
| 2 | |
| 3 | /*++ |
| 4 | /* NAME |
| 5 | /* smtp 8 |
| 6 | /* SUMMARY |
| 7 | /* Postfix SMTP+LMTP client |
| 8 | /* SYNOPSIS |
| 9 | /* \fBsmtp\fR [generic Postfix daemon options] |
| 10 | /* DESCRIPTION |
| 11 | /* The Postfix SMTP+LMTP client implements the SMTP and LMTP mail |
| 12 | /* delivery protocols. It processes message delivery requests from |
| 13 | /* the queue manager. Each request specifies a queue file, a sender |
| 14 | /* address, a domain or host to deliver to, and recipient information. |
| 15 | /* This program expects to be run from the \fBmaster\fR(8) process |
| 16 | /* manager. |
| 17 | /* |
| 18 | /* The SMTP+LMTP client updates the queue file and marks recipients |
| 19 | /* as finished, or it informs the queue manager that delivery should |
| 20 | /* be tried again at a later time. Delivery status reports are sent |
| 21 | /* to the \fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemon as |
| 22 | /* appropriate. |
| 23 | /* |
| 24 | /* The SMTP+LMTP client looks up a list of mail exchanger addresses for |
| 25 | /* the destination host, sorts the list by preference, and connects |
| 26 | /* to each listed address until it finds a server that responds. |
| 27 | /* |
| 28 | /* When a server is not reachable, or when mail delivery fails due |
| 29 | /* to a recoverable error condition, the SMTP+LMTP client will try to |
| 30 | /* deliver the mail to an alternate host. |
| 31 | /* |
| 32 | /* After a successful mail transaction, a connection may be saved |
| 33 | /* to the \fBscache\fR(8) connection cache server, so that it |
| 34 | /* may be used by any SMTP+LMTP client for a subsequent transaction. |
| 35 | /* |
| 36 | /* By default, connection caching is enabled temporarily for |
| 37 | /* destinations that have a high volume of mail in the active |
| 38 | /* queue. Connection caching can be enabled permanently for |
| 39 | /* specific destinations. |
| 40 | /* SMTP DESTINATION SYNTAX |
| 41 | /* .ad |
| 42 | /* .fi |
| 43 | /* SMTP destinations have the following form: |
| 44 | /* .IP \fIdomainname\fR |
| 45 | /* .IP \fIdomainname\fR:\fIport\fR |
| 46 | /* Look up the mail exchangers for the specified domain, and |
| 47 | /* connect to the specified port (default: \fBsmtp\fR). |
| 48 | /* .IP [\fIhostname\fR] |
| 49 | /* .IP [\fIhostname\fR]:\fIport\fR |
| 50 | /* Look up the address(es) of the specified host, and connect to |
| 51 | /* the specified port (default: \fBsmtp\fR). |
| 52 | /* .IP [\fIaddress\fR] |
| 53 | /* .IP [\fIaddress\fR]:\fIport\fR |
| 54 | /* Connect to the host at the specified address, and connect |
| 55 | /* to the specified port (default: \fBsmtp\fR). An IPv6 address |
| 56 | /* must be formatted as [\fBipv6\fR:\fIaddress\fR]. |
| 57 | /* LMTP DESTINATION SYNTAX |
| 58 | /* .ad |
| 59 | /* .fi |
| 60 | /* LMTP destinations have the following form: |
| 61 | /* .IP \fBunix\fR:\fIpathname\fR |
| 62 | /* Connect to the local UNIX-domain server that is bound to the specified |
| 63 | /* \fIpathname\fR. If the process runs chrooted, an absolute pathname |
| 64 | /* is interpreted relative to the Postfix queue directory. |
| 65 | /* .IP \fBinet\fR:\fIhostname\fR |
| 66 | /* .IP \fBinet\fR:\fIhostname\fR:\fIport\fR |
| 67 | /* .IP \fBinet\fR:[\fIaddress\fR] |
| 68 | /* .IP \fBinet\fR:[\fIaddress\fR]:\fIport\fR |
| 69 | /* Connect to the specified TCP port on the specified local or |
| 70 | /* remote host. If no port is specified, connect to the port defined as |
| 71 | /* \fBlmtp\fR in \fBservices\fR(4). |
| 72 | /* If no such service is found, the \fBlmtp_tcp_port\fR configuration |
| 73 | /* parameter (default value of 24) will be used. |
| 74 | /* An IPv6 address must be formatted as [\fBipv6\fR:\fIaddress\fR]. |
| 75 | /* .PP |
| 76 | /* SECURITY |
| 77 | /* .ad |
| 78 | /* .fi |
| 79 | /* The SMTP+LMTP client is moderately security-sensitive. It |
| 80 | /* talks to SMTP or LMTP servers and to DNS servers on the |
| 81 | /* network. The SMTP+LMTP client can be run chrooted at fixed |
| 82 | /* low privilege. |
| 83 | /* STANDARDS |
| 84 | /* RFC 821 (SMTP protocol) |
| 85 | /* RFC 822 (ARPA Internet Text Messages) |
| 86 | /* RFC 1651 (SMTP service extensions) |
| 87 | /* RFC 1652 (8bit-MIME transport) |
| 88 | /* RFC 1870 (Message Size Declaration) |
| 89 | /* RFC 2033 (LMTP protocol) |
| 90 | /* RFC 2034 (SMTP Enhanced Error Codes) |
| 91 | /* RFC 2045 (MIME: Format of Internet Message Bodies) |
| 92 | /* RFC 2046 (MIME: Media Types) |
| 93 | /* RFC 2554 (AUTH command) |
| 94 | /* RFC 2821 (SMTP protocol) |
| 95 | /* RFC 2920 (SMTP Pipelining) |
| 96 | /* RFC 3207 (STARTTLS command) |
| 97 | /* RFC 3461 (SMTP DSN Extension) |
| 98 | /* RFC 3463 (Enhanced Status Codes) |
| 99 | /* RFC 4954 (AUTH command) |
| 100 | /* RFC 5321 (SMTP protocol) |
| 101 | /* RFC 6531 (Internationalized SMTP) |
| 102 | /* RFC 6533 (Internationalized Delivery Status Notifications) |
| 103 | /* RFC 7672 (SMTP security via opportunistic DANE TLS) |
| 104 | /* DIAGNOSTICS |
| 105 | /* Problems and transactions are logged to \fBsyslogd\fR(8). |
| 106 | /* Corrupted message files are marked so that the queue manager can |
| 107 | /* move them to the \fBcorrupt\fR queue for further inspection. |
| 108 | /* |
| 109 | /* Depending on the setting of the \fBnotify_classes\fR parameter, |
| 110 | /* the postmaster is notified of bounces, protocol problems, and of |
| 111 | /* other trouble. |
| 112 | /* BUGS |
| 113 | /* SMTP and LMTP connection caching does not work with TLS. The necessary |
| 114 | /* support for TLS object passivation and re-activation does not |
| 115 | /* exist without closing the session, which defeats the purpose. |
| 116 | /* |
| 117 | /* SMTP and LMTP connection caching assumes that SASL credentials |
| 118 | /* are valid for all destinations that map onto the same IP |
| 119 | /* address and TCP port. |
| 120 | /* CONFIGURATION PARAMETERS |
| 121 | /* .ad |
| 122 | /* .fi |
| 123 | /* Before Postfix version 2.3, the LMTP client is a separate |
| 124 | /* program that implements only a subset of the functionality |
| 125 | /* available with SMTP: there is no support for TLS, and |
| 126 | /* connections are cached in-process, making it ineffective |
| 127 | /* when the client is used for multiple domains. |
| 128 | /* |
| 129 | /* Most smtp_\fIxxx\fR configuration parameters have an |
| 130 | /* lmtp_\fIxxx\fR "mirror" parameter for the equivalent LMTP |
| 131 | /* feature. This document describes only those LMTP-related |
| 132 | /* parameters that aren't simply "mirror" parameters. |
| 133 | /* |
| 134 | /* Changes to \fBmain.cf\fR are picked up automatically, as \fBsmtp\fR(8) |
| 135 | /* processes run for only a limited amount of time. Use the command |
| 136 | /* "\fBpostfix reload\fR" to speed up a change. |
| 137 | /* |
| 138 | /* The text below provides only a parameter summary. See |
| 139 | /* \fBpostconf\fR(5) for more details including examples. |
| 140 | /* COMPATIBILITY CONTROLS |
| 141 | /* .ad |
| 142 | /* .fi |
| 143 | /* .IP "\fBignore_mx_lookup_error (no)\fR" |
| 144 | /* Ignore DNS MX lookups that produce no response. |
| 145 | /* .IP "\fBsmtp_always_send_ehlo (yes)\fR" |
| 146 | /* Always send EHLO at the start of an SMTP session. |
| 147 | /* .IP "\fBsmtp_never_send_ehlo (no)\fR" |
| 148 | /* Never send EHLO at the start of an SMTP session. |
| 149 | /* .IP "\fBsmtp_defer_if_no_mx_address_found (no)\fR" |
| 150 | /* Defer mail delivery when no MX record resolves to an IP address. |
| 151 | /* .IP "\fBsmtp_line_length_limit (998)\fR" |
| 152 | /* The maximal length of message header and body lines that Postfix |
| 153 | /* will send via SMTP. |
| 154 | /* .IP "\fBsmtp_pix_workaround_delay_time (10s)\fR" |
| 155 | /* How long the Postfix SMTP client pauses before sending |
| 156 | /* ".<CR><LF>" in order to work around the PIX firewall |
| 157 | /* "<CR><LF>.<CR><LF>" bug. |
| 158 | /* .IP "\fBsmtp_pix_workaround_threshold_time (500s)\fR" |
| 159 | /* How long a message must be queued before the Postfix SMTP client |
| 160 | /* turns on the PIX firewall "<CR><LF>.<CR><LF>" |
| 161 | /* bug workaround for delivery through firewalls with "smtp fixup" |
| 162 | /* mode turned on. |
| 163 | /* .IP "\fBsmtp_pix_workarounds (disable_esmtp, delay_dotcrlf)\fR" |
| 164 | /* A list that specifies zero or more workarounds for CISCO PIX |
| 165 | /* firewall bugs. |
| 166 | /* .IP "\fBsmtp_pix_workaround_maps (empty)\fR" |
| 167 | /* Lookup tables, indexed by the remote SMTP server address, with |
| 168 | /* per-destination workarounds for CISCO PIX firewall bugs. |
| 169 | /* .IP "\fBsmtp_quote_rfc821_envelope (yes)\fR" |
| 170 | /* Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands |
| 171 | /* as required |
| 172 | /* by RFC 5321. |
| 173 | /* .IP "\fBsmtp_reply_filter (empty)\fR" |
| 174 | /* A mechanism to transform replies from remote SMTP servers one |
| 175 | /* line at a time. |
| 176 | /* .IP "\fBsmtp_skip_5xx_greeting (yes)\fR" |
| 177 | /* Skip remote SMTP servers that greet with a 5XX status code. |
| 178 | /* .IP "\fBsmtp_skip_quit_response (yes)\fR" |
| 179 | /* Do not wait for the response to the SMTP QUIT command. |
| 180 | /* .PP |
| 181 | /* Available in Postfix version 2.0 and earlier: |
| 182 | /* .IP "\fBsmtp_skip_4xx_greeting (yes)\fR" |
| 183 | /* Skip SMTP servers that greet with a 4XX status code (go away, try |
| 184 | /* again later). |
| 185 | /* .PP |
| 186 | /* Available in Postfix version 2.2 and later: |
| 187 | /* .IP "\fBsmtp_discard_ehlo_keyword_address_maps (empty)\fR" |
| 188 | /* Lookup tables, indexed by the remote SMTP server address, with |
| 189 | /* case insensitive lists of EHLO keywords (pipelining, starttls, auth, |
| 190 | /* etc.) that the Postfix SMTP client will ignore in the EHLO response from a |
| 191 | /* remote SMTP server. |
| 192 | /* .IP "\fBsmtp_discard_ehlo_keywords (empty)\fR" |
| 193 | /* A case insensitive list of EHLO keywords (pipelining, starttls, |
| 194 | /* auth, etc.) that the Postfix SMTP client will ignore in the EHLO |
| 195 | /* response from a remote SMTP server. |
| 196 | /* .IP "\fBsmtp_generic_maps (empty)\fR" |
| 197 | /* Optional lookup tables that perform address rewriting in the |
| 198 | /* Postfix SMTP client, typically to transform a locally valid address into |
| 199 | /* a globally valid address when sending mail across the Internet. |
| 200 | /* .PP |
| 201 | /* Available in Postfix version 2.2.9 and later: |
| 202 | /* .IP "\fBsmtp_cname_overrides_servername (version dependent)\fR" |
| 203 | /* When the remote SMTP servername is a DNS CNAME, replace the |
| 204 | /* servername with the result from CNAME expansion for the purpose of |
| 205 | /* logging, SASL password lookup, TLS |
| 206 | /* policy decisions, or TLS certificate verification. |
| 207 | /* .PP |
| 208 | /* Available in Postfix version 2.3 and later: |
| 209 | /* .IP "\fBlmtp_discard_lhlo_keyword_address_maps (empty)\fR" |
| 210 | /* Lookup tables, indexed by the remote LMTP server address, with |
| 211 | /* case insensitive lists of LHLO keywords (pipelining, starttls, |
| 212 | /* auth, etc.) that the Postfix LMTP client will ignore in the LHLO |
| 213 | /* response |
| 214 | /* from a remote LMTP server. |
| 215 | /* .IP "\fBlmtp_discard_lhlo_keywords (empty)\fR" |
| 216 | /* A case insensitive list of LHLO keywords (pipelining, starttls, |
| 217 | /* auth, etc.) that the Postfix LMTP client will ignore in the LHLO |
| 218 | /* response |
| 219 | /* from a remote LMTP server. |
| 220 | /* .PP |
| 221 | /* Available in Postfix version 2.4.4 and later: |
| 222 | /* .IP "\fBsend_cyrus_sasl_authzid (no)\fR" |
| 223 | /* When authenticating to a remote SMTP or LMTP server with the |
| 224 | /* default setting "no", send no SASL authoriZation ID (authzid); send |
| 225 | /* only the SASL authentiCation ID (authcid) plus the authcid's password. |
| 226 | /* .PP |
| 227 | /* Available in Postfix version 2.5 and later: |
| 228 | /* .IP "\fBsmtp_header_checks (empty)\fR" |
| 229 | /* Restricted \fBheader_checks\fR(5) tables for the Postfix SMTP client. |
| 230 | /* .IP "\fBsmtp_mime_header_checks (empty)\fR" |
| 231 | /* Restricted \fBmime_header_checks\fR(5) tables for the Postfix SMTP |
| 232 | /* client. |
| 233 | /* .IP "\fBsmtp_nested_header_checks (empty)\fR" |
| 234 | /* Restricted \fBnested_header_checks\fR(5) tables for the Postfix SMTP |
| 235 | /* client. |
| 236 | /* .IP "\fBsmtp_body_checks (empty)\fR" |
| 237 | /* Restricted \fBbody_checks\fR(5) tables for the Postfix SMTP client. |
| 238 | /* .PP |
| 239 | /* Available in Postfix version 2.6 and later: |
| 240 | /* .IP "\fBtcp_windowsize (0)\fR" |
| 241 | /* An optional workaround for routers that break TCP window scaling. |
| 242 | /* .PP |
| 243 | /* Available in Postfix version 2.8 and later: |
| 244 | /* .IP "\fBsmtp_dns_resolver_options (empty)\fR" |
| 245 | /* DNS Resolver options for the Postfix SMTP client. |
| 246 | /* .PP |
| 247 | /* Available in Postfix version 2.9 and later: |
| 248 | /* .IP "\fBsmtp_per_record_deadline (no)\fR" |
| 249 | /* Change the behavior of the smtp_*_timeout time limits, from a |
| 250 | /* time limit per read or write system call, to a time limit to send |
| 251 | /* or receive a complete record (an SMTP command line, SMTP response |
| 252 | /* line, SMTP message content line, or TLS protocol message). |
| 253 | /* .IP "\fBsmtp_send_dummy_mail_auth (no)\fR" |
| 254 | |
|---|